Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T185615176C11A253B0292C1C4FE9D6B2FEAC2428ECF8B1D35D2F983894BD6E46FC14105 |
|
CONTENT
ssdeep
|
48:TIN1TNmTNMKc2dlI8jC7Z7X47mm4BTKWrNgmBiWVae/YSRVVIuq626OwfR0RLXd0:Tfd7N67oKLZg3q/VObgWpXm |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f373764c4c4c4c59 |
|
VISUAL
aHash
|
00e7e7e7ffffffff |
|
VISUAL
dHash
|
284c484c28300800 |
|
VISUAL
wHash
|
00e4e0e0d8d8e0f0 |
|
VISUAL
colorHash
|
07000000e00 |
|
VISUAL
cropResistant
|
084c084c32280800,0000404040404000 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Malicious code is obfuscated using 9 techniques to evade detection by security scanners and make reverse engineering more difficult.